Improve getting started docs (#218)

* better getting started docs

* add getting started intro/overview

* update homepage links

---------

Co-authored-by: Theo Ephraim <[email protected]>

Author: philmillman

packages/varlock-website/astro.config.ts

@@ -74,7 +74,13 @@ export default defineConfig({
       sidebar: [
         {
           label: 'Getting Started',
-          items: [{ label: 'Installation', slug: 'getting-started/installation' }],
+          items: [
+            { label: 'Introduction', slug: 'getting-started/introduction' },
+            { label: 'Installation', slug: 'getting-started/installation' },
+            { label: 'Usage', slug: 'getting-started/usage' },
+            { label: 'Migration', slug: 'getting-started/migration' },
+            { label: 'Wrapping up', slug: 'getting-started/wrapping-up' },
+          ],
         },
         {
           label: 'Guides',

packages/varlock-website/src/content/docs/getting-started/installation.mdx

@@ -1,6 +1,6 @@
 ---
 title: Installation
-description: How to install and set up varlock in your project
+description: How to install and set up Varlock in your project
 ---
 
 import ExecCommandWidget from "@/components/ExecCommandWidget.astro";

packages/varlock-website/src/content/docs/getting-started/introduction.mdx

@@ -0,0 +1,36 @@
+---
+title: Introduction
+description: Introduction to Varlock - declarative schema for your environment variables
+---
+
+Varlock is a universal configuration/secrets/environment variable management tool built on top of the [@env-spec](/env-spec/overview/) specification. It provides a comprehensive set of features out of the box that simplify managing, validating, and securing your environment configuration. Whether you need type-safe environment variables, multi-environment management, secure secret handling, or leak prevention, Varlock lets you focus on building your application instead of wrestling with configuration. While it is written in TypeScript, it is language and framework agnostic, and meant to be used in any project that needs configuration at build or boot time, usually passed in via environment variables.
+
+## Features
+
+Varlock aims to be the most comprehensive environment variable management tool. It provides a wide range of features out of the box:
+
+- **[Validation & Type Safety](/reference/data-types/)** - Powerful validation capabilities with clear error messages, plus automatic type generation for IntelliSense support
+- **[Security](/guides/secrets/)** - Automatic log redaction for sensitive values and leak detection in bundled code and server responses
+- **[Multi-Environment Management](/guides/environments/)** - Flexible environment handling with support for environment-specific files, local overrides, and value composition
+- **[Secure Secrets](/guides/secrets/)** - Load secrets from external providers like [1Password](/plugins/1password/) via [plugins](/plugins/overview/) or any CLI tool using [exec()](/reference/functions/#exec)
+- **[Value Composition](/reference/functions/)** - Compose values together using functions, references, and external data sources
+- **[Framework Integrations](/integrations/overview/)** - Official integrations for Next.js, Vite, Astro, and more, plus support for any language via `varlock run`
+- **[Replacement for dotenv](/guides/migrate-from-dotenv/)** - Can be used as a direct replacement for `dotenv` in most projects with minimal code changes
+- **[AI-Friendly](/guides/ai-tools/)** - Built with AI-assisted development in mind, helping prevent accidental secret leaks to AI agents and allowing a schema-driven approach that is easier for AI to understand and remediate
+
+## AI Tooling
+
+### Docs MCP
+
+Varlock provides a Docs MCP server that allows AI tools to search and understand the Varlock documentation. This makes it easier for AI assistants to help you integrate and use Varlock in your projects.
+
+See the [MCP guide](/guides/mcp/#docs-mcp) for setup instructions for Cursor, Claude, Opencode, VS Code, and other MCP-compatible tools.
+
+### LLMs.txt
+
+Varlock also provides an `LLMs.txt` file that helps AI models understand how to integrate and interact with your environment variable configuration. See it at [https://varlock.dev/llms.txt](https://varlock.dev/llms.txt).
+
+## Next Steps
+
+Ready to get started? Check out the [Installation](/getting-started/installation/) guide to set up Varlock in your project.
+

packages/varlock-website/src/content/docs/getting-started/migration.mdx

@@ -0,0 +1,46 @@
+---
+title: Migration
+description: An overview if you have existing .env files and want to migrate to Varlock
+---
+
+import ExecCommandWidget from "@/components/ExecCommandWidget.astro";
+
+## Loading env vars using Varlock
+
+### Migration from dotenv (Node.js)
+
+In a [Node.js](/integrations/javascript/) app if you are already calling `dotenv/config`, you can replace it with `varlock/auto-load`.
+
+```diff title="index.js" lang="js"
+- import 'dotenv/config';
++ import 'varlock/auto-load';
+```
+
+In some cases where `dotenv` is being called deep under the hood by another dependency, you may instead want to swap it in as a dependency override. See our [migrate from dotenv](/guides/migrate-from-dotenv/) guide for more information.
+
+### Within a framework
+
+We must replace framework's existing `.env` logic with Varlock. Our [framework integrations](/integrations/overview/) handle most of the work for you. After [installation](/getting-started/installation/), simply follow the instructions in the relevant integration guide to set up Varlock in your project. Usually this involves adding a new plugin to the existing build system or framework's config file.
+
+### Minimal setup
+
+In some cases, a code-level integration may be challenging or impossible. In this case you can use [`varlock run`](/reference/cli-commands/#run) to boot your application with env vars injected from Varlock. For example `varlock run -- your-app`. Sometimes you may need to use this alongside a deeper integration, for example to feed env vars into external tools or additional scripts.
+
+
+
+## Using `varlock/env`
+
+If you're currently using `import.meta.env` or `process.env`, your code will still work after switching to Varlock. However, we recommend using varlock's `ENV` object for better type-safety and an improved developer experience.
+
+```diff title="index.js" lang="js"
+// Before (import.meta.env)
+- console.log(import.meta.env.SOMEVAR);
+
+// After (ENV)
+import { ENV } from 'varlock/env';
++ console.log(ENV.SOMEVAR);
+```
+
+![intellisense](../../../assets/demo-images/intellisense.png)
+
+See our [integrations](/integrations/overview/) section for more information.

packages/varlock-website/src/content/docs/getting-started/usage.mdx

@@ -0,0 +1,44 @@
+---
+title: Usage
+description: How to use Varlock in your project
+---
+
+import ExecCommandWidget from "@/components/ExecCommandWidget.astro";
+
+## Basics
+
+The basic workflow for using Varlock is to:
+
+1. Run [`varlock init`](/reference/cli-commands/#init) to set up your `.env.schema` file
+2. Run [`varlock load`](/reference/cli-commands/#load) to debug and refine your .env file(s)
+3. Use Varlock to load, validate, and inject env vars into your application, either:
+    - Use an [existing framework / tool integration](/integrations/overview/) that automatically calls Varlock under the hood (_recommended_)
+    - Use `import 'varlock/auto-load'` in a backend JavaScript/TypeScript project
+    - Boot your command via [`varlock run`](/reference/cli-commands/#run)<br/>(_necessary for non-JS/TS projects, or feeding env vars to external tools_)
+
+
+## CLI Commands
+
+### `varlock load`
+
+<ExecCommandWidget command="varlock load" />
+
+Validates your environment variables according to your `.env.schema` and associated `.env.*` files, and prints the results.
+
+Useful for debugging locally, and in CI to print out a summary of env vars, also when you're authoring your `.env.schema` file and want immediate feedback.
+
+:::tip
+Our [integrations](/integrations/overview) all use `varlock load` under the hood, so you'll get the same developer experience, but typically they will only let you know if there are errors, rather than the full summary.
+:::
+
+
+See the [`varlock load` CLI Reference](/reference/cli-commands/#load) for more information.
+
+### `varlock run`
+
+<ExecCommandWidget command="varlock run -- <your-command>" />
+
+Executes a command in a child process, injecting your resolved and validated environment variables. This is useful when a code-level integration is not possible. For example, if you're using a database migration tool, you can use `varlock run` to run the migration tool with the correct environment variables. Or if you're using a non-js/ts language, you can use `varlock run` to run a command and inject validated environment variables.
+
+
+See the [`varlock run` CLI Reference](/reference/cli-commands/#run) for more information.

packages/varlock-website/src/content/docs/getting-started/wrapping-up.mdx

@@ -0,0 +1,69 @@
+---
+title: Wrapping up
+description: How to get your project ready for production and collaboration
+---
+
+import ExecCommandWidget from "@/components/ExecCommandWidget.astro";
+
+## Next steps with your schema
+
+With a more flexible env var toolkit, after an initial migration, you may be tempted to take advantage
+of Varlock's features to improve your developer experience and security posture.
+
+- Move more configuration constants out of application code and into your `.env` files
+- Reduce the number of of env-style checks in your code, favouring individual flags, with a default value set based on the current env
+- Add deeper validation, more thorough comments, and additional docs links to each env var within your schema
+- Compose values together to keep your configuration DRY
+- Use [imports](/guides/import/) to share common configuration across a monorepo, or to break up a large `.env.schema`
+- Reduce secret sprawl, by loading secrets from a single source of truth, instead of injecting them from your CI/hosting platform
+
+
+## Repo setup
+
+### `.gitignore`
+
+Depending on your setup you will want to update your `.gitignore` to _not_ ignore your `.env.schema` file and any other `.env.xxx` files that can now be safely committed to your repo if they don't contain secrets (which they shouldn't).
+
+If using [generated types](/reference/root-decorators/#generatetypes), we also recommend that you ignore the generated file (usually `env.d.ts` in TypeScript) as it is dynamically generated based the hierarchy of env files being loaded on each individual machine.
+
+```diff title=".gitignore"
+
+# Include .env.schema, .env.<dev|preview|prod|...> file
+# exclude local overrides
+-.env.*
++.env.local
++.env.*.local
+
+# Exclude generated env types file
++env.d.ts
+```
+
+:::tip
+Depending on the [AI Tools](/guides/ai-tools/) you use, you may need to add a similar rule to allow `.env.schema` to be modified. For example, in `.cursorignore`.
+:::
+
+### Monorepos
+
+Consider how you can reuse and modularize your schema if you have a monorepo or multi-service setup. See the [Imports](/guides/import/) guide for more information.
+
+## Deployment
+
+### CI/CD platforms
+
+It may be useful to validate your schema in CI/CD pipelines, especially if you want to validate configurations that you don't have access to locally (e.g. Staging or Production). You can do this manually by running `varlock load` in your pipeline. And if you're using GitHub Actions, you can use the [Varlock GitHub Action](/integrations/github-action/) to validate your schema automatically.
+
+:::tip
+Having a well architected multi-environment setup is key to healthy CI/CD workflows. See the [Environments](/guides/environments/) guide for more information.
+:::
+
+### Production deployments
+
+Because varlock supports loading environment variables from the environment itself or via a [function](/reference/functions/) in your `.env.schema`, there are a few different approaches.
+
+If you're already using your deployment platform's environment variable management, you may not need to do anything to benefit from varlock's validation and security features. If you have a multi-environment setup, you may need to set the `currentEnv` environment flag to the correct environment.
+
+```bash
+APP_ENV=production varlock run -- your-production-command
+```
+
+If you're not using your deployment platform's environment variable management, you may consider using one of our [plugins](/plugins/overview/) to securely load environment variables from a secret storage system such as [1Password](/plugins/1password/).

packages/varlock-website/src/content/docs/guides/telemetry.mdx

@@ -68,4 +68,4 @@ The anonymous usage data helps us:
 - Make informed decisions about future development
 - Prioritize bug fixes and new features
 
-If you have any questions about our analytics or privacy practices, please [start a discussion](https://github.com/dmno-dev/varlock/discussions) on GitHub. 
+If you have any questions about our analytics or privacy practices, please [start a discussion](https://github.com/dmno-dev/varlock/discussions) on GitHub.

packages/varlock-website/src/content/docs/integrations/astro.mdx

@@ -96,7 +96,7 @@ If you find you are not getting type completion on `ENV`, you may need to add yo
 
 Even in a static front-end project, you may have other scripts in your project that rely on sensitive config.
 
-You can use [`varlock run`](/reference/cli-commands/#varlock-run) to inject resolved config into other scripts as regular env vars.
+You can use [`varlock run`](/reference/cli-commands/#run) to inject resolved config into other scripts as regular env vars.
 
 <ExecCommandWidget command="varlock run -- node ./script.js" showBinary={false} />
 

packages/varlock-website/src/content/docs/integrations/javascript.mdx

@@ -34,7 +34,7 @@ If you are using [`dotenv`](https://www.npmjs.com/package/dotenv), or a package
 
 ## Boot via `varlock run`
 
-A less invasive way to use varlock with your application is to run your application via [`varlock run`](/reference/cli-commands/#varlock-run).
+A less invasive way to use varlock with your application is to run your application via [`varlock run`](/reference/cli-commands/#run).
 
 ```bash
 varlock run -- <your-command>

packages/varlock-website/src/content/docs/integrations/nextjs.mdx

@@ -299,7 +299,7 @@ _you may need to adjust if you don't want to copy certain .local files_
 
 
 Standalone builds do not copy dependency binaries, and varlock depends on the CLI to load.
-So wherever you are booting your standalone server, you will also need to [install the varlock binary](/getting-started/installation/) and boot your server via [`varlock run`](/reference/cli-commands/#varlock-run)
+So wherever you are booting your standalone server, you will also need to [install the varlock binary](/getting-started/installation/) and boot your server via [`varlock run`](/reference/cli-commands/#run)
 
 ```bash
 varlock run -- node .next/standalone/server.js